Close

Recent Posts

Archives

AG Pax­ton Announces His­toric $600 Mil­lion Data Breach Settle­ment with Equifax

AG Pax­ton Announces His­toric $600 Mil­lion Data Breach Settle­ment with Equifax
  • PublishedJuly 24, 2019


[adning id=”33097″]

 

 

Attorney General Ken Paxton this week announced that a coalition of 50 attorneys general reached the largest data breach settlement in history with Equifax, resolving an investigation into a massive data breach first disclosed by the company in September 2017. The breach exposed the personal information of nearly half the U.S. population, including 12.1 million Texans.

The $600 million settlement with the attorneys general of 48 states, the District of Columbia and Puerto Rico requires Equifax to implement and maintain a rigorous and comprehensive data security program designed to prevent future breaches.

Under the agreement, Equifax must also pay between $300 million and $425 million into a consumer restitution settlement fund for the benefit of consumers whose information was exposed in the breach. Equifax will pay $175 million to the 50 attorneys general. Texas will collect $10.9 million for penalties, fees and costs.

“As a data broker which collects and maintains the sensitive personal information of millions, Equifax is obligated by law to protect that information from hackers. This investigation exposed Equifax’ failure to comply with that obligation.” said Attorney General Paxton.  “Today’s settlement puts them on the path to correction and is a win for Texas consumers. My office will continue to investigate companies that fail to protect Texans’ personal information and do everything it can to protect Texans from identity theft.”

The investigation of Equifax concluded that the company failed to maintain reasonable safeguards to protect consumers’ sensitive personal information from unlawful disclosure. Despite knowing about a critical vulnerability in its software, Equifax failed to fully and timely patch its systems. Moreover, Equifax failed to replace software that monitored the breached network for suspicious activity. As a result, the attackers penetrated Equifax’s system and went unnoticed for 76 days.

More information about the settlement, including details of the consumer restitution fund and how to file claims, can be found here: https://www.texasattorneygeneral.gov/consumer-protection/equifax. To receive email updates about the consumer restitution fund and when the settlement administrator will begin accepting claims, sign up at www.ftc.gov/equifax.

In November 2017, Attorney General Paxton’s Consumer Protection Division served an investigative subpoena – also known as a Civil Investigative Demand – on Equifax, one of the nation’s three major credit reporting agencies.

View a copy of the Texas final judgment here.

 

[adning id=”33207″]

 

[pro_ad_display_adzone id=”25296″]

 


[adning id=”33207″]

Written By